(1/3) Locking post as Lemmy allows only 5000 word posts, rest guide is in nested comment. Making separate post for this post for comment section.
Hello! I am back with the third version of the guide I started last year with the aim of getting nearly top grade levels of privacy in the hands (pun intended) of all smartphone users, focused on steps that normal, average people with basic tech knowledge can apply.
This version of the guide is fundamentally an incremental improvement, so some parts of the guide may seem copy pasted, but they are supposed to be that way for obvious reasons.
A kind request to share this guide to any privacy seeker.
#User and device requirement
#What brings this third iteration? Was the previous guide not good enough?
No, it was not. There is always room for improvement, and it has been 6 months since the last edit I made in the 2.0 guide. The new changes warranted a new version of the guide, as lot of things changed. If I simply made the edit in previous one, people would have skimmed, glossed over or not noticed.
A basic summary of new additions to the 2.0 guide:
#Why not Apple devices?
iPhone does not allow you to have privacy due to its blackbox nature, and is simply a false marketing assurance by Apple to you. Recently, an unpatchable hardware flaw was discovered in Apple’s T1 and T2 “security” chips, rendering Apple devices critically vulnerable.
Also, they recently dropped plan for encrypting iCloud backups after FBI complained. They also collect and sell data quite a lot. Siri still records conversations 9 months after Apple promised not to do it. Apple Mail app is vulnerable, yet Apple stays in denial.
Also, Apple sells certificates to third-party developers that allow them to track users, The San Ferdandino shooter publicity stunt was completely fraudulent, and Louis Rossmann dismantled Apple’s PR stunt “repair program”.
Also, Android’s open source nature is starting to pay off in the long run. Apple 0-day exploits are far cheaper to do than Android.
ALL users must follow these steps except the “FOR ADVANCED/INTERMEDIATE USERS” tagged points or sections.
Firstly, if your device is filled to the brim or used for long time, I recommend backing up your data and factory resetting for clean slate start.
Sign out all your Google and phone brand accounts from your device so that Settings–>Accounts do not show any sign-ins except WhatsApp/Signal/Telegram
Install ADB on your Linux, Windows or Mac OS machine, simple guide: https://www.xda-developers.com/install-adb-windows-macos-linux/
Use “Universal Android Debloater” to easily debloat your bloated phone.
NOTE: Samsung users will lose Samsung Pay, as Samsung has been caught and declares they sell this data: https://www.sammobile.com/news/samsung-pay-new-privacy-policy-your-data-sold/
Install F-Droid app store from here
Install NetGuard app firewall (see NOTE) from F-Droid and set it up with privacy based DNS like AdGuard/Uncensored/Tenta/Quad9 DNS.
NOTE: NetGuard with Energized Ultimate HOSTS file with any one of the above mentioned DNS providers is the ultimate solution.
(FOR ADVANCED USERS) If you know how to merge HOSTS rules in one text file, you can merge Xtreme addon pack from [Energized GitHub] (https://github.com/EnergizedProtection/block). You can also experiment with the Porn and Malicious IP domain lists.
NOTE: Set DNS provider address in Settings -> Advanced settings --> VPN IPv4, IPv6 and DNS
Go back to F-Droid store home screen, and hit the update button beside the 3 dot menu.
###LIST OF APPS TO GET
Get Firefox Beta web browser from F-Droid (install uBlock Origin addon inside (if technically advanced, try doing this)). Also get Firefox Klar if you like a separate incognito browser.
Get Aurora Store from F-Droid for apps from Play Store without actually using Play Store, use Anonymous option to sign in
for third party APKs source them only from APKMirror OR APKPure OR APKMonk, quite trusted, BUT TRY AND AVOID IF POSSIBLE
Get Vigilante from F-Droid for iOS 14 like camera/mic dot indicator feature and local history logging of screen locking, permissions, camera/mic usage and so on
Get OSMAnd+ from F-Droid or Qwant Maps inside web browser for maps and/or print physical maps if you live and travel in one or two states or districts.
NOTE: Qwant Maps has better search results than OSMAnd+
Get PilferShush Jammer from F-Droid to block microphone (use this in malls, restaurants or such public places if you can to prevent beacon tracking)
Get OpenBoard (user friendly) OR AnySoftKeyboard (nerd friendly) from F-Droid instead of Google GBoard, Microsoft SwiftKey and so on, they are closed source keylogger USA spyware
Get KDE Connect for computer-from/to-phone internet less file sharing, on a personal/local WiFi hotspot, available for Linux/Windows/MacOS/Android
Get TrebleShot instead of SHAREIt for phone to phone file sharing
Get K-9 Mail or FairEmail as e-mail client
Get NewPipe for YouTube watching, or YouTube in Firefox Beta/Klar
Get QKSMS from F-Droid as SMS client app
Get Shelter from F-Droid to sandbox potential apps that you must use (eg WhatsApp or Discord or Signal)
Get SuperFreezZ from F-Droid to freeze any apps from running in background
Get Librera Pro from F-Droid for PDF reader
Get ImgurViewer from F-Droid for opening reddit/imgur/other image links without invasive tracking
Get BarInsta from F-Droid for opening Instagram profiles or pictures without invasive tracking (thanks u/sad_plan)
Get GreenTooth from F-Droid to set Bluetooth to disable after you have used it
Get Material Files or Simple File Manager from F-Droid for file manager app
Get ImagePipe from F-Droid if you share lot of pictures, and want to clear EXIF metadata snooping (often photos contain phone model, location, time, date)
Get Note Crypt Pro from F-Droid for encrypted note taking app
Get Vinyl Music Player from F-Droid for music player
Get VLC from F-Droid for video player
Get AppOpsX from F-Droid for managing permissions for all apps
(FOR ADVANCED USERS) Get App Manager from Izzy’s F-Droid repo (here) to inspect app’s manifest, trackers, activities, receivers, services and even signatures via Exodus Privacy built-in, all without root
(FOR ADVANCED USERS) Get Warden from Izzy’s F-Droid repo (here) for checking loggers (rest app is inferior to App Manager)
This community is meant to advocate privacy, security and freedom in an concise manner, free of prejudice bias, free of politics, free of cultist thoughts.
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say. - Edward Snowden
READ THE RULES
Opinions are welcome, facts more so. Attack arguments, not people. Hating, baiting, trolling, flaming will be dealt with strictly.
Discuss closed source software with caution. Advocating for it strongly (cult brigading) can be treated as violation of this rule.
Editing titles of article links is strictly prohibited, unless and until the summarisation remains accurate to the context of the article or paper. Such link post will be removed without questioning.
Targeting of any country, person or nation is strictly prohibited without valid reasoning. Evidence if not presented against the specific company/corporation/individual will be treated as personal attack and/or hate speech. This will result in a warning, then ban system.
NO PERMA BANS! Ban system will work as follows:
1 day --> 3 day --> 1 week --> 2 weeks --> 3 weeks --> 1 month --> 3 months --> 6 months
Severity of the ban system will be dealt with based on degree of violation and circumstances.
NO FACT-LESS EVIDENCES, NO FALSE RHETORIC Evidence has to be credible. The onus of this lies on the claimant. The same applies on the user who questions proven evidence. Violation of this rule will be dealt with strictly.
Copycat posts serve to litter the community, increasing quantity and decreasing quality of posts. As such, posts will be removed. Repeated attempts will receive warning.